On Tue, Aug 9, 2016 at 7:16 AM, Martin Rex <m...@sap.com> wrote: > BERserk is an implementation defect, not a crypto weakness. >
Hence why I phrased the question the way I did. Per Izu, Shimoyama, and Takenaka 2006, PKCS#1 v1.5 has sharp edges which implementers must avoid (of course, the same can be said of BER in BERserk, and it was clearly the bigger of the two problems). Peter Gutmann's response was the sort of thing I was looking for when I originally asked the question. -- Tony Arcieri
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
